yourlifeiowa.com

Issued by R3

About this certificate

This digital certificate with serial number 03:97:20:3d:52:f3:b9:72:f7:77:cd:70:50:52:b9:53:16:a9 was issued on by Let's Encrypt.

With 97 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Certificate Subject

CN=yourlifeiowa.com

Let's Encrypt

Organization: Let's Encrypt
Country: US

This certificate will expire on

Certificate Details

Serial Number (hex): 03:97:20:3d:52:f3:b9:72:f7:77:cd:70:50:52:b9:53:16:a9
Serial Number (int): 312762348908783360558657607354211024180905
Serial Number lenght: 138 bits, 18 octets

SubjectKeyId: 73:80:4c:e7:1b:39:a0:44:4a:97:ff:a2:20:a9:70:3a:ef:93:4f:04
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6

Fingerprint (sha1): f0:2d:fc:13:ef:93:fa:48:23:42:58:7b:af:8d:55:41:9e:ee:cc:51
Fingerprint (sha256): f0:40:2a:7a:24:64:d7:3f:c9:91:5b:9f:65:bd:3b:f2:43:01:af:35:75:ce:e4:4b:1c:dc:cb:3e:04:02:b2:76

Issuing Certificate URL: http://r3.i.lencr.org/

Revocation information

OCSP Server: http://r3.o.lencr.org

Check the revocation status for certificate yourlifeiowa.com

97

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for yourlifeiowa.com

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

app.iowastem.org
i-pact.com
ialottery.com
internal.courts.iowa.gov
iowaabd.com
iowaagriculture.gov
iowacleanair.gov
iowadnr.com
iowadrivingav.org
iowagrants.gov
iowagreatplaces.gov
iowahistory.org
iowahumanitiescouncil.com
iowahumanitiescouncil.org
iowahush.com
iowaintex.gov
iowalmi.gov
iowamissingpersons.com
iowamissingpersons.gov
iowaopiodhelp.com
iowaopioidhelp.com
iowaopioidhelp.org
iowap2services.com
iowareap.com
iowasmokefreeair.gov
iowastem.org
iowastics.com
iowiki.iowaintex.gov
m.ialottery.com
media.ialottery.com
mtest.ialottery.com
onsiteiowa.com
p2infohouse.org
recognizeandreport.org
resultsiowa.org
safeandsoundiowa.com
safeandsoundiowa.gov
safeandsoundiowa.org
safearoundsemis.com
test.ialottery.com
test.icaps.iowacollegeaid.gov
test.iowagrants.gov
test.iowaintex.gov
voterreadyiowa.org
webapp.iecdb.iowa.gov
www.broadband.iowa.gov
www.cmedocviewerportal.iowadot.gov
www.cmesnowboundportal.iowadot.gov
www.cmewebapiportal.iowadot.gov
www.coaching.iowa.gov
www.devertservices.iowadot.gov
www.dlphoto.iowadot.gov
www.envpermits.iowadot.gov
www.ertservices.iowadot.gov
www.historicalphotos.iowadot.gov
www.i-pact.com
www.iahealthlink.gov
www.ialottery.com
www.iowaagriculture.gov
www.iowadrivingav.org
www.iowagrants.gov
www.iowaintex.gov
www.iowalmi.gov
www.iowamissingpersons.com
www.iowamissingpersons.gov
www.iowaoutdoorsmagazine.com
www.iowap2interns.com
www.iowasmokefreeair.gov
www.iowasourcewater.org
www.iowastatepatrol.net
www.iowastatepatrol.org
www.iowastem.org
www.iowastics.com
www.iowatitleguaranty.gov
www.jobs.iowa.gov
www.learning.iowadot.gov
www.licensediniowa.gov
www.majorprojects.iowadot.gov
www.maple.iowadot.gov
www.mtmug.iowadot.gov
www.mydotdocs.iowadot.gov
www.onsiteiowa.com
www.p2infohouse.org
www.recognizeandreport.org
www.recoveryiowa.org
www.resultsiowa.org
www.safearoundsemis.com
www.safeathome.iowa.gov
www.testertservices.iowadot.gov
www.tmcdashboard.iowadot.gov
www.tmcservice.iowadot.gov
www.voterreadyiowa.org
www.yourlifeiowa.com
www.yourlifeiowa.net
www.yourlifeiowa.org
yourlifeiowa.com
yourlifeiowa.net

Other certificates including the domain name yourlifeiowa.com

(limited to 100 certificates)
yourlifeiowa.com
yourlifeiowa.com
yourlifeiowa.com
yourlifeiowa.com
yourlifeiowa.com
yourlifeiowa.com
yourlifeiowa.com
yourlifeiowa.com
yourlifeiowa.com
yourlifeiowa.envoystaging.com
yourlifeiowa.com
yourlifeiowa.com
yourlifeiowa.com
yourlifeiowa.envoystaging.com
yourlifeiowa.com
yourlifeiowa.com
yourlifeiowa.com
yourlifeiowa.com
yourlifeiowa.com
yourlifeiowa.com
yourlifeiowa.com
yourlifeiowa.org
yourlifeiowa.com
yourlifeiowa.com
yourlifeiowa.org
yourlifeiowa.com
yourlifeiowa.com
yourlifeiowa.com

Certificate

The complete raw certificate details for yourlifeiowa.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIINVDCCDDygAwIBAgISA5cgPVLzuXL3d81wUFK5UxapMA0GCSqGSIb3DQEBCwUA
MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD
EwJSMzAeFw0yNDA0MDExMzAxMzZaFw0yNDA2MzAxMzAxMzVaMBsxGTAXBgNVBAMT
EHlvdXJsaWZlaW93YS5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCpa6y6wxYm/kpZ6rEEDq91O7VWMdxR6SY86CMewgkrIWkLcS0u60Bcm1Nw+TUh
myidjsmkQXvO4uYLznREFLZAYDnH4tITrJKp9IYqcowYBkHyBT3vmHuUfUrALbHz
k+8ntZAI6pY9mwMin6T1mhc1dIUeqkdHEtOpohsvpegNtTWdeYzC52rFeegwBGwj
dmWQhjDCUR6mqaHXdEk0t0ZBYgWhTvKjrPDgatGeJsOhIM2jDQ3tqvc4uvmjmLja
K3s7VExa8B/xuDJ6XzP/RByJhyGSO0ZVFLdmToPKpVTR0jlhcm0izTwrZ1oJUBbb
dFHasjOpDkwR7/WN/nuOgVmLAgMBAAGjggp5MIIKdTAOBgNVHQ8BAf8EBAMCBaAw
HQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYD
VR0OBBYEFHOATOcbOaBESpf/oiCpcDrvk08EMB8GA1UdIwQYMBaAFBQusxe3WFbL
rlAJQOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEFBQcwAYYVaHR0cDov
L3IzLm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8vcjMuaS5sZW5jci5v
cmcvMIIIfgYDVR0RBIIIdTCCCHGCEGFwcC5pb3dhc3RlbS5vcmeCCmktcGFjdC5j
b22CDWlhbG90dGVyeS5jb22CGGludGVybmFsLmNvdXJ0cy5pb3dhLmdvdoILaW93
YWFiZC5jb22CE2lvd2FhZ3JpY3VsdHVyZS5nb3aCEGlvd2FjbGVhbmFpci5nb3aC
C2lvd2FkbnIuY29tghFpb3dhZHJpdmluZ2F2Lm9yZ4IOaW93YWdyYW50cy5nb3aC
E2lvd2FncmVhdHBsYWNlcy5nb3aCD2lvd2FoaXN0b3J5Lm9yZ4IZaW93YWh1bWFu
aXRpZXNjb3VuY2lsLmNvbYIZaW93YWh1bWFuaXRpZXNjb3VuY2lsLm9yZ4IMaW93
YWh1c2guY29tgg1pb3dhaW50ZXguZ292ggtpb3dhbG1pLmdvdoIWaW93YW1pc3Np
bmdwZXJzb25zLmNvbYIWaW93YW1pc3NpbmdwZXJzb25zLmdvdoIRaW93YW9waW9k
aGVscC5jb22CEmlvd2FvcGlvaWRoZWxwLmNvbYISaW93YW9waW9pZGhlbHAub3Jn
ghJpb3dhcDJzZXJ2aWNlcy5jb22CDGlvd2FyZWFwLmNvbYIUaW93YXNtb2tlZnJl
ZWFpci5nb3aCDGlvd2FzdGVtLm9yZ4INaW93YXN0aWNzLmNvbYIUaW93aWtpLmlv
d2FpbnRleC5nb3aCD20uaWFsb3R0ZXJ5LmNvbYITbWVkaWEuaWFsb3R0ZXJ5LmNv
bYITbXRlc3QuaWFsb3R0ZXJ5LmNvbYIOb25zaXRlaW93YS5jb22CD3AyaW5mb2hv
dXNlLm9yZ4IWcmVjb2duaXplYW5kcmVwb3J0Lm9yZ4IPcmVzdWx0c2lvd2Eub3Jn
ghRzYWZlYW5kc291bmRpb3dhLmNvbYIUc2FmZWFuZHNvdW5kaW93YS5nb3aCFHNh
ZmVhbmRzb3VuZGlvd2Eub3JnghNzYWZlYXJvdW5kc2VtaXMuY29tghJ0ZXN0Lmlh
bG90dGVyeS5jb22CHXRlc3QuaWNhcHMuaW93YWNvbGxlZ2VhaWQuZ292ghN0ZXN0
Lmlvd2FncmFudHMuZ292ghJ0ZXN0Lmlvd2FpbnRleC5nb3aCEnZvdGVycmVhZHlp
b3dhLm9yZ4IVd2ViYXBwLmllY2RiLmlvd2EuZ292ghZ3d3cuYnJvYWRiYW5kLmlv
d2EuZ292giJ3d3cuY21lZG9jdmlld2VycG9ydGFsLmlvd2Fkb3QuZ292giJ3d3cu
Y21lc25vd2JvdW5kcG9ydGFsLmlvd2Fkb3QuZ292gh93d3cuY21ld2ViYXBpcG9y
dGFsLmlvd2Fkb3QuZ292ghV3d3cuY29hY2hpbmcuaW93YS5nb3aCHnd3dy5kZXZl
cnRzZXJ2aWNlcy5pb3dhZG90LmdvdoIXd3d3LmRscGhvdG8uaW93YWRvdC5nb3aC
Gnd3dy5lbnZwZXJtaXRzLmlvd2Fkb3QuZ292ght3d3cuZXJ0c2VydmljZXMuaW93
YWRvdC5nb3aCIHd3dy5oaXN0b3JpY2FscGhvdG9zLmlvd2Fkb3QuZ292gg53d3cu
aS1wYWN0LmNvbYIUd3d3LmlhaGVhbHRobGluay5nb3aCEXd3dy5pYWxvdHRlcnku
Y29tghd3d3cuaW93YWFncmljdWx0dXJlLmdvdoIVd3d3Lmlvd2Fkcml2aW5nYXYu
b3JnghJ3d3cuaW93YWdyYW50cy5nb3aCEXd3dy5pb3dhaW50ZXguZ292gg93d3cu
aW93YWxtaS5nb3aCGnd3dy5pb3dhbWlzc2luZ3BlcnNvbnMuY29tghp3d3cuaW93
YW1pc3NpbmdwZXJzb25zLmdvdoIcd3d3Lmlvd2FvdXRkb29yc21hZ2F6aW5lLmNv
bYIVd3d3Lmlvd2FwMmludGVybnMuY29tghh3d3cuaW93YXNtb2tlZnJlZWFpci5n
b3aCF3d3dy5pb3dhc291cmNld2F0ZXIub3Jnghd3d3cuaW93YXN0YXRlcGF0cm9s
Lm5ldIIXd3d3Lmlvd2FzdGF0ZXBhdHJvbC5vcmeCEHd3dy5pb3dhc3RlbS5vcmeC
EXd3dy5pb3dhc3RpY3MuY29tghl3d3cuaW93YXRpdGxlZ3VhcmFudHkuZ292ghF3
d3cuam9icy5pb3dhLmdvdoIYd3d3LmxlYXJuaW5nLmlvd2Fkb3QuZ292ghZ3d3cu
bGljZW5zZWRpbmlvd2EuZ292gh13d3cubWFqb3Jwcm9qZWN0cy5pb3dhZG90Lmdv
doIVd3d3Lm1hcGxlLmlvd2Fkb3QuZ292ghV3d3cubXRtdWcuaW93YWRvdC5nb3aC
GXd3dy5teWRvdGRvY3MuaW93YWRvdC5nb3aCEnd3dy5vbnNpdGVpb3dhLmNvbYIT
d3d3LnAyaW5mb2hvdXNlLm9yZ4Iad3d3LnJlY29nbml6ZWFuZHJlcG9ydC5vcmeC
FHd3dy5yZWNvdmVyeWlvd2Eub3JnghN3d3cucmVzdWx0c2lvd2Eub3Jnghd3d3cu
c2FmZWFyb3VuZHNlbWlzLmNvbYIXd3d3LnNhZmVhdGhvbWUuaW93YS5nb3aCH3d3
dy50ZXN0ZXJ0c2VydmljZXMuaW93YWRvdC5nb3aCHHd3dy50bWNkYXNoYm9hcmQu
aW93YWRvdC5nb3aCGnd3dy50bWNzZXJ2aWNlLmlvd2Fkb3QuZ292ghZ3d3cudm90
ZXJyZWFkeWlvd2Eub3JnghR3d3cueW91cmxpZmVpb3dhLmNvbYIUd3d3LnlvdXJs
aWZlaW93YS5uZXSCFHd3dy55b3VybGlmZWlvd2Eub3JnghB5b3VybGlmZWlvd2Eu
Y29tghB5b3VybGlmZWlvd2EubmV0MBMGA1UdIAQMMAowCAYGZ4EMAQIBMIIBBgYK
KwYBBAHWeQIEAgSB9wSB9ADyAHcASLDja9qmRzQP5WoC+p0w6xxSActW3SyB2bu/
qznYhHMAAAGOmfcsVQAABAMASDBGAiEA1WLCe8A3zYQTNtBz+EnK4TH55n4GYfKn
p5Zc3KqNN3kCIQCnagFEcCh1jqoyn5COB0B82SfFXt1pBAEvBmbXEffcjQB3AO7N
0GTV2xrOxVy3nbTNE6Iyh0Z8vOzew1FIWUZxH7WbAAABjpn3LG0AAAQDAEgwRgIh
ALpo0FlbSHonKd4aSvgFpWIVW7zoAj6mJCId3h1jeWPGAiEAjh0Kt9HtPSYup1gV
9KfH1jBURnUkS9BOrieHFW0kD1QwDQYJKoZIhvcNAQELBQADggEBAJuDf5p3VIxp
Dtu9AuFqXyzCSYod2NYe07CNJFwmpShqHFqH6brouok+TbYxh05w+6o8wHeZaKux
Jxkllh1iRIc6Co7aM+SIbeDdaukdqq+/Ix5xhuON+h39NS8DPNX/9YANIde13uX1
CRT6b4vITCtrAHP8lTZ3wDRf9ufdl+ZJFwyV11rLVFdPR9ZVy4oUfNozkkkemFhX
UN+Pq8KeIzWRNnVag+XoQvGN/vfVmsep5jJ6TUpNw6CaNDz9Rz7OQYhS1b61itSp
AhY/grUUwIPEwNg8lWbs27iAbavmIx/NlMSIjWZ6u9ru+BYbBRJckQs7ltYW+mnG
7A57WnpAlvQ=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqWususMWJv5KWeqxBA6v
dTu1VjHcUekmPOgjHsIJKyFpC3EtLutAXJtTcPk1IZsonY7JpEF7zuLmC850RBS2
QGA5x+LSE6ySqfSGKnKMGAZB8gU975h7lH1KwC2x85PvJ7WQCOqWPZsDIp+k9ZoX
NXSFHqpHRxLTqaIbL6XoDbU1nXmMwudqxXnoMARsI3ZlkIYwwlEepqmh13RJNLdG
QWIFoU7yo6zw4GrRnibDoSDNow0N7ar3OLr5o5i42it7O1RMWvAf8bgyel8z/0Qc
iYchkjtGVRS3Zk6DyqVU0dI5YXJtIs08K2daCVAW23RR2rIzqQ5MEe/1jf57joFZ
iwIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 312762348908783360558657607354211024180905
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-04-01 13:01:36 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-06-30 13:01:35 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'yourlifeiowa.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 21387369924973854207891119203445876188765703764865383668245050985140670472205029353560116739821570525321657746074143616095759342574528945959673457720548931906394866735223008482499665170039394238657365590097893617957661974891214707912583056263709214326410726316320115388636399397743203459909473890728455024506574740235183479840862484975528464781080130174603328193970554761002409528607053928865015134400512228423847384167548526183011688676383143472506375627556812793205846301354221796622077397277051526018305199959115652340602847856655747589007297209400771780604449244446116424655305252279973151537121829221046344046987
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							73804ce71b39a0444a97ffa220a9703aef934f04
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2165 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'app.iowastem.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'i-pact.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ialottery.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'internal.courts.iowa.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'iowaabd.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'iowaagriculture.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'iowacleanair.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'iowadnr.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'iowadrivingav.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'iowagrants.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'iowagreatplaces.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'iowahistory.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'iowahumanitiescouncil.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'iowahumanitiescouncil.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'iowahush.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'iowaintex.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'iowalmi.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'iowamissingpersons.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'iowamissingpersons.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'iowaopiodhelp.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'iowaopioidhelp.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'iowaopioidhelp.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'iowap2services.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'iowareap.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'iowasmokefreeair.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'iowastem.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'iowastics.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'iowiki.iowaintex.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'm.ialottery.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'media.ialottery.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mtest.ialottery.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'onsiteiowa.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'p2infohouse.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'recognizeandreport.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'resultsiowa.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'safeandsoundiowa.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'safeandsoundiowa.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'safeandsoundiowa.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'safearoundsemis.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'test.ialottery.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'test.icaps.iowacollegeaid.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'test.iowagrants.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'test.iowaintex.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'voterreadyiowa.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'webapp.iecdb.iowa.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.broadband.iowa.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.cmedocviewerportal.iowadot.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.cmesnowboundportal.iowadot.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.cmewebapiportal.iowadot.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.coaching.iowa.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.devertservices.iowadot.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.dlphoto.iowadot.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.envpermits.iowadot.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.ertservices.iowadot.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.historicalphotos.iowadot.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.i-pact.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.iahealthlink.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.ialottery.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.iowaagriculture.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.iowadrivingav.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.iowagrants.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.iowaintex.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.iowalmi.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.iowamissingpersons.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.iowamissingpersons.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.iowaoutdoorsmagazine.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.iowap2interns.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.iowasmokefreeair.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.iowasourcewater.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.iowastatepatrol.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.iowastatepatrol.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.iowastem.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.iowastics.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.iowatitleguaranty.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.jobs.iowa.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.learning.iowadot.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.licensediniowa.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.majorprojects.iowadot.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.maple.iowadot.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.mtmug.iowadot.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.mydotdocs.iowadot.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.onsiteiowa.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.p2infohouse.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.recognizeandreport.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.recoveryiowa.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.resultsiowa.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.safearoundsemis.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.safeathome.iowa.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.testertservices.iowadot.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.tmcdashboard.iowadot.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.tmcservice.iowadot.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.voterreadyiowa.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.yourlifeiowa.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.yourlifeiowa.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.yourlifeiowa.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'yourlifeiowa.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'yourlifeiowa.net'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (247 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (244 bytes)
							00f200770048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d884730000018e99f72c550000040300483046022100d562c27bc037cd841336d073f849cae131f9e67e0661f2a7a7965cdcaa8d3779022100a76a01447028758eaa329f908e07407cd927c55edd6904012f0666d711f7dc8d007700eecdd064d5db1acec55cb79db4cd13a23287467cbcecdec351485946711fb59b0000018e99f72c6d0000040300483046022100ba68d0595b487a2729de1a4af805a562155bbce8023ea624221dde1d637963c60221008e1d0ab7d1ed3d262ea75815f4a7c7d630544675244bd04eae2787156d240f54
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		009b837f9a77548c690edbbd02e16a5f2cc2498a1dd8d61ed3b08d245c26a5286a1c5a87e9bae8ba893e4db631874e70fbaa3cc0779968abb1271925961d6244873a0a8eda33e4886de0dd6ae91daaafbf231e7186e38dfa1dfd352f033cd5fff5800d21d7b5dee5f50914fa6f8bc84c2b6b0073fc953677c0345ff6e7dd97e649170c95d75acb54574f47d655cb8a147cda3392491e98585750df8fabc29e23359136755a83e5e842f18dfef7d59ac7a9e6327a4d4a4dc3a09a343cfd473ece418852d5beb58ad4a902163f82b514c083c4c0d83c9566ecdbb8806dabe6231fcd94c4888d667abbdaeef8161b05125c910b3b96d616fa69c6ec0e7b5a7a4096f4